CVE-2026-4647

The CVE-2026-4647 issue affects the GNU Binutils BFD library when handling XCOFF object files. A relocation type value is not properly validated before use, allowing an out-of-bounds read. This can cause tools that process XCOFF binaries to crash or expose unintended memory contents, leading to d...

CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

UBUNTU-CVE-2025-69652

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

ALPINE-CVE-2025-5244

A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elfgcsweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed...

GNU Binutils get_data Function Denial of Service Vulnerability

GNU Binutils is a set of open source tools for working with binary files such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A denial of service vulnerability exists in GNU Binutils, which stems from a memory...

GNU Binutils 安全漏洞

GNU Binutils is a set of binary tools developed by the GNU Project, mainly used to deal with target files e.g., executables, libraries, etc., covering compilation, linking, debugging, and other phases of the function. A memory leak vulnerability exists in GNU Binutils, which originates from a...

radare2 输入验证错误漏洞

radare2 is a set of libraries and tools for working with binary files. An input validation error vulnerability exists in radare2 versions prior to 5.6.8, which stems from incorrect array index validation...

DEBIAN-CVE-2020-16593

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.35, in scanunitforsymbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file...

DEBIAN-CVE-2017-13710

The setupgroup function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a group section that is too small...

DEBIAN-CVE-2017-12452

The bfdmachoi386canonicalizeonereloc function in bfd/mach-o-i386.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file...